closing port 6000

closing port 6000

Post by Kevin Higgin » Sat, 04 Mar 2000 04:00:00



I am running RedHat 6.1, and I cannot figure out how to close Port
6000.  Basically, I want to disable all access to port 6000 through
eth0.  Here is a scan of my comp using namp

111 open tcp sunrpc
113 open tcp auth
515 open tcp printer
6000 open tcp X11

Is there an X startup file that I need to change?

Thanks

 
 
 

closing port 6000

Post by Luke » Sun, 05 Mar 2000 04:00:00


Don't know how to close the port, but you could use ipchains to do the
trick...

/sbin/ipchains -A input -i eth0 -s 0/0 -d your.ip.address.here 6000 -j
DENY

this tells the kernel to discard any packets coming in on eth0 from any
ipaddress on any port going to port 6000 on your computer.  Put this
line at the end of /etc/rc.local to have it executed every time you
boot.

Quote:> I am running RedHat 6.1, and I cannot figure out how to close Port
> 6000.  Basically, I want to disable all access to port 6000 through
> eth0.  Here is a scan of my comp using namp

> 111 open tcp sunrpc
> 113 open tcp auth
> 515 open tcp printer
> 6000 open tcp X11

> Is there an X startup file that I need to change?

> Thanks


 
 
 

closing port 6000

Post by Kevin Higgin » Sun, 05 Mar 2000 04:00:00



> Don't know how to close the port, but you could use ipchains to do the
> trick...

> /sbin/ipchains -A input -i eth0 -s 0/0 -d your.ip.address.here 6000 -j
> DENY

> this tells the kernel to discard any packets coming in on eth0 from any
> ipaddress on any port going to port 6000 on your computer.  Put this
> line at the end of /etc/rc.local to have it executed every time you
> boot.

> > I am running RedHat 6.1, and I cannot figure out how to close Port
> > 6000.  Basically, I want to disable all access to port 6000 through
> > eth0.  Here is a scan of my comp using namp

> > 111 open tcp sunrpc
> > 113 open tcp auth
> > 515 open tcp printer
> > 6000 open tcp X11

> > Is there an X startup file that I need to change?

> > Thanks

Thanks for the help, but it doesn't seem to be working.  When I execute
the command you stated, this occurs.

/sbin/ipchains -A input -i eth0 -s 0/0 -d my.ip.add.ress 6000 -j DENY
/sbin/ipchains: can only specify ports for icmp, tcp or udp
Try `/sbin/ipchains -h' or '/sbin/ipchains --help' for more information.

Last time I checked, port 6000 was a tcp port.  Any thoughts?

Thanks,
Kevin

 
 
 

closing port 6000

Post by Wally Whacke » Sun, 05 Mar 2000 04:00:00




> > Don't know how to close the port, but you could use ipchains to do the
> > trick...

> > /sbin/ipchains -A input -i eth0 -s 0/0 -d your.ip.address.here 6000 -j
> > DENY

> > this tells the kernel to discard any packets coming in on eth0 from any
> > ipaddress on any port going to port 6000 on your computer.  Put this
> > line at the end of /etc/rc.local to have it executed every time you
> > boot.

> > > I am running RedHat 6.1, and I cannot figure out how to close Port
> > > 6000.  Basically, I want to disable all access to port 6000 through
> > > eth0.  Here is a scan of my comp using namp

> > > 111 open tcp sunrpc
> > > 113 open tcp auth
> > > 515 open tcp printer
> > > 6000 open tcp X11

> > > Is there an X startup file that I need to change?

> > > Thanks

There is a problem with scanning your own machine. Do you have a
firewall statement like "ipchains -A input -s 127.0.0.1 -j ACCEPT" or
"ipchains -A iput -s you.rip.add.ress -j ACCEPT" That is letting all
the traffic through?

You can shut down X.

You can leave the port open and make sure your xhost isn't allowing
access from the entire world.

Give yourself an http://hackerwhacker.com scan when you are done to
confirm you actually closed the port to the Internet. If you decide to
leave it open and fix your xhost http://hackerwhacker.com will tell
you if you've done that correctly.

Wally

Quote:> Thanks for the help, but it doesn't seem to be working.  When I execute
> the command you stated, this occurs.

> /sbin/ipchains -A input -i eth0 -s 0/0 -d my.ip.add.ress 6000 -j DENY
> /sbin/ipchains: can only specify ports for icmp, tcp or udp
> Try `/sbin/ipchains -h' or '/sbin/ipchains --help' for more information.

> Last time I checked, port 6000 was a tcp port.  Any thoughts?

> Thanks,
> Kevin

--
Strangers in your computer? Don't be the last one to find out.
HTTP://HACKERWHACKER.COM
Security Link of the Hour:
http://www.wiretrip.net/rfp/1/index.asp
 
 
 

closing port 6000

Post by Organi » Sun, 05 Mar 2000 04:00:00



>Last time I checked, port 6000 was a tcp port.  Any thoughts?

>Thanks,
>Kevin

This issue has recently come up in my LUG.  One of the members
suggested starting X with:

startx -- -nolisten tcp

Give that a try.

--

0rganiX           (yup, it's a zer0)

hotbot.com

 
 
 

closing port 6000

Post by Tad » Sun, 05 Mar 2000 04:00:00



Quote:> Don't know how to close the port, but you could use ipchains to do the
> trick...

> /sbin/ipchains -A input -i eth0 -s 0/0 -d your.ip.address.here 6000 -j
> DENY

> this tells the kernel to discard any packets coming in on eth0 from any
> ipaddress on any port going to port 6000 on your computer.  Put this
> line at the end of /etc/rc.local to have it executed every time you
> boot.

You need to specify a protocol

/sbin/ipchains -A input -i eth0 -p tcp -s 0/0 -d $YOUR_IP 6000 -j DENY

Tad

 
 
 

closing port 6000

Post by jgile » Tue, 07 Mar 2000 04:00:00


yes 'startx -- -nolisten tcp' will remove port 6000 but there're
other ports open for LISTENing with having Xwindows running...
do a 'netstat -ta' and you will see...

jgiles




> >Last time I checked, port 6000 was a tcp port.  Any thoughts?

> >Thanks,
> >Kevin

> This issue has recently come up in my LUG.  One of the members
> suggested starting X with:

> startx -- -nolisten tcp

> Give that a try.

> --

> 0rganiX           (yup, it's a zer0)

> hotbot.com

Sent via Deja.com http://www.deja.com/
Before you buy.
 
 
 

1. tcp.port(s): 6000 & 32770 (How to close?)

Ever since I installed SuSE 7.2 (quite awhile ago even),
I still cannot figure out what apps are opening my tcp port(s) 6000 and
32770...grrr!! =/

Port       State       Service
6000/tcp   open        X11
32770/tcp  open        sometimes-rpc

Can someone please tell me what applications use these ports,
and/or how i can close them? (without using a firewall setting)

Thanks!

--
m000!!

2. Linux - WindowsNT multiboot

3. RS/6000 won't start closing stdin and stdout

4. QuickNet Internet PhoneJack.

5. close rndc service, so port 953 will close

6. resolution

7. Closing ports by closing services

8. Linux gpm mouse (cut and paste) services problem

9. HELP: multiple printers on one port, port closed before output written

10. which ports oracle uses and/or which ports to close on a switch?

11. Dropping DTR signal on port when port closed

12. mounting a fs on a 6000 server to a 6000 wrkst !!!!!! ! ! ! ! ! !

13. redirecting localhost:6000 -> other:6000